Support User Manuals

ZyXEL Communications P-660H-T Series Network Card User Manual

Open as PDF

of 466

P-660H/HW-T Series User’ Guide

Chapter 29 Filter Configuration 280

For generic rules, the Prestige treats a packet as a byte stream as opposed to an IP packet. You

specify the portion of the packet to check with the Offset (from 0) and the Length fields, both

in bytes. The Prestige applies the Mask (bit-wise ANDing) to the data portion before

comparing the result against the Value to determine a match. The Mask and Value fields are

specified in hexadecimal numbers. Note that it takes two hexadecimal digits to represent a

byte, so if the length is 4, the value in either field will take 8 digits, for example, FFFFFFFF.

To configure a generic rule select an empty filter set in menu 21, for example 5. Select

Generic Filter Rule in the Filter Type field and press [ENTER] to open Menu 21.1.5.1 –

Generic Filter Rule, as shown in the following figure.

Figure 173 Menu 21.1.5.1 Generic Filter Rule

The next table describes the fields in the Generic Filter Rule menu.

Menu 21.1.5.1 - Generic Filter Rule

Filter #: 5,1

Filter Type= Generic Filter Rule

Active= No

Offset= 0

Length= 0

Mask= N/A

Value= N/A

More= No Log= None

Action Matched= Check Next Rule

Action Not Matched= Check Next Rule

Press ENTER to Confirm or ESC to Cancel:

Table 97 Menu 21.1.5.1 Generic Filter Rule

FIELD DESCRIPTION

Filter # This is the filter set, filter rule coordinates, for instance, 2, 3 refers to the second filter

set and the third rule of that set.

Filter Type Press [SPACE BAR] and then [ENTER] to select a type of rule. Parameters displayed

below each type will be different. Choices are Generic Filter Rule or TCP/IP Filter

Rule.

Active Select Yes to turn on or No to turn off the filter rule.

Offset Type the starting byte of the data portion in the packet that you want to compare. The

range for this field is from 0 to 255.

Length Type the byte count of the data portion in the packet that you want to compare. The

range for this field is 0 to 8.

Mask Type the mask (in Hexadecimal) to apply to the data portion before comparison.

Value Type the value (in Hexadecimal) to compare with the data portion.

More If Yes, a matching packet is passed to the next filter rule before an action is taken or

else the packet is disposed of according to the action fields.

If More is Yes, then Action Matched and Action Not Matched will be N/A.

previous next